Friday, March 7, 2014

crypto shell trickery!

I recently imported crash into my github. It featuresIP6-ready SSH-like remote shell, using strong public keyauthentication and TLS-encrypted transport. It does notrely on SSL/TLS internal X509 cecking but compareshostkeys bit-wise. It runs on Linux and embedded derivates,Android, BSD, Solaris and OSX/Darwin. It does not require rootand has back-connect and trigger modes built in. It canalso be invoked as a CGI.Update: Pushed a fix into git to use SHA512 rather thanSHA1 for signing authentication requests. That makesit incompatible with earlier versions. Also fixed a bugwhere crashc did not properly distribute SIGWINCH to theremote peer. Now you can use your ncurses porn and resizeyour xterm and it gets properly adjusted! Also testedauthentication RSA keys of up to 7500 bit in size. Thatshould resist upcoming (TS//SI//REL) QUANTUMFUCK computers.I need to find the time to enforce cipher-lists and addephemeral keying though. (done)Also good news: crash also integrates with sshttp!